Configuring ControlSuite

The Configuration Assistant walks you through the setup of databases, services, security and authentication, and licensing the ControlSuite solution. The configuration assistant must be completed in order, and as you complete the steps, the navigation menu items becomes "active", and you can click on any completed section to review or make changes as needed.
  1. After installing ControlSuite, launch the Configuration Assistant. The Configuration Assistant can either be auto-launched as part of the Install Assistant finishing process, or by running the Configuration Assistant application found in C:\Program Files\Nuance\Configuration Assistant.
  2. Click Get Started on the Welcome page.
  3. A Databases page opens displaying the installed components, database instances and database names.

    The green checkmark beside the component indicates that the database is configured correctly. The red warning means that a particular configuration setting is not valid, and the database information must be updated before the configuration can continue. When the databases are validated, click Next to continue.

    To modify a database, click the Edit icon beside its name to open the Configure Component window, and select a Database Type - SQL Server or SQL Server Compact Edition.

    The available database types depends on the installed ControlSuite component's supported databases.

    If selecting SQL Server, modify the following:

    • Authentication Type - Windows or SQL Server.
      • Windows (default selection): select this option when the user running the Windows Service account connects to the database server.
      • SQL Server: enter the user credentials in the Login and Password fields, (this can be another Windows user or a SQL Server user).
    • Instance - use the default, or select another instance from the drop-down list, or click Find to search for one not in the list.
    • Database Name - Enter the name of the database or select another database from the drop-down list.
    • Click the Test button to verify the database and server and functioning. A green check-mark displays when validated.
    To create an SQL database for Output Manager using the Configuration Assistant, you need to have a Server Role of dbcreator. To use this database, the user or account running the DBM must have at least a db_owner Database Role Membership for the database.

    If selecting SQL Server Compact Edition, enter the database Password, and click the Test button to verify the database and server and functioning.

    The initial SQL Server Compact database and default password are created automatically when Business Connect is installed.

    It is recommended that a new database is created when installing Equitrac 6.1 on a server with an existing Equitrac database. Although direct upgrades to Equitrac 6.1 from an earlier 5.x version is not supported, Configuration Assistant may use the existing database and automatically upgrade it as required.

    A Running Database Scripts window opens to locate and connect to the selected databases. When successful, there is a green check-mark beside each item. Close the database script window when done. A red 'x' indicates that a the database was not setup properly.

  4. A Certificate Management page opens displaying the list of certificates associated with each component.
    1. Select the check box next to the component and select Generate Self-Signed or Import Certificate from the Select Action drop-down menu. Alternatively, click the + icon to generate a self-signed certificate, or click the Open file icon to import a certificate.
      • Generate Self-Signed - A pop-up opens where you can provide Friendly name and Expire date for the certificate. If you select the Save to file check box, enter a Password and File path to where to save the certificate, and click OK to continue.

        A Generate Certificate window opens to create the selected certificates. When successful, there is a green check-mark beside each item. Close the generate certificate window when done.

      • Import Certificate - A pop-up opens where you can select a certificate Filename and Password, and click OK. Alternatively, click the Browse button to open the location of stored certificates and select the desired file. Click OK to continue.
        Existing custom certificates with Equitrac services for HTTPS can be used when upgrading from Equitrac 6.0 to 6.1
    2. Click Next. A Binding Ports window opens updating the IIS certificates. When successful, there is a green check-mark beside each item. Close the binding ports window when done.
    3. Click Next to continue.
  5. A Core Services page opens with a list of the installed core services, along with their service credentials, startup type and current status.
    • Click the Actions icon beside the Distributed Database Service (DDB) and select Configure if you want to edit its default settings. You can edit the ports used and the data folder and log file locations. Click OK to save the changes or Cancel to leave the defaults. By default this service is not started and it cannot be manually started. The DDB service will start automatically once the security framework is configured.
    • Click the Actions icon beside the Licensing Service and select Configure if you want to change the Licensing Service Port used. By default Port 44370 is used by the ControlSuite licensing service. Select Start to start the licensing service if it not already running.
    • Click Next.
  6. An Authentication & Security page opens where you provide your Security Framework credentials and connections.
    When Security Framework Service (SFS) is installed, you can create security admin user credentials for the admin to have access to configure ControlSuite security registrations, or you can connect to an existing server where the Security Framework Services are running. The security admin credentials are created when you first install a security framework node, and will be required later.
    Security framework provides a secure infrastructure for ControlSuite shared components. ControlSuite services can register themselves with the Secure Service Discovery Service (SSDS) in order to locate other service locations in distributed deployments. The Authentication and Authorization (AA) service secures component to component communications and also restricts each component to only a specific set of authorized actions based on its component type.
    Select whether to configure a new security framework or to connect to an existing one.
    If you select This is my first deployment of security framework, enter the following:
    1. Security framework admin and Password- Create the security framework admin credentials if they do not exist. The security framework admin is a unique username used to manage the security framework. The username and password are used to add nodes or datacenters to an existing security framework. This username is not associated with your directory services and is not case sensitive.
      When upgrading from Equitrac 6.0 to 6.1, all existing Equitrac clients and services will be automatically enrolled after logging in with the Security Admin credentials.
    2. Host name - This is name of the system where Security Framework is installed on.
    3. Datacenter name - The datacenter is where one or more Security Framework Services (SFS) are running.
      The datacenter name is created on the machine where the first instance of the SFS is installed. This datacenter is used to connect any additional SFS machines in your deployment. See Understanding Security Framework Datacenters for more details.
    4. Click Apply.
    If you select I'm adding a new node to an existing security framework, enter the following:
    1. Remote security framework server - This is the hostname of a system running security framework. Typically, this is a primary ControlSuite server.
    2. Port - 8181 is the default Security Framework port.
    3. Security framework admin and Password - The security framework admin is a user that was already created when the first instance of Security Framework was installed and configured.
    4. Click Login.
    5. Host name is pre-populated with the name created in the previous screen.
    6. Datacenter name - The datacenter is where one or more Security Framework Services are running. The drop-down list is populated with all available datacenters.
    7. Click Apply and Next to continue.

    An Initializing Security Framework window opens to update the configuration and register the distributed database. When successful, there is a green check-mark beside each item. Close the security framework window when done.

    An Authentication & Security summary page opens with the Server Location information and Security Admin Credentials. If all the information is correct, there is a green check-mark beside the Login button. Click Next to continue.

  7. A Security Framework Status page opens to display all deployed datacenters, security framework nodes along with their status.
    • If the status displays Offline, click the Refresh icon to try syncing the node with its database. This can take a few minutes.
    • Click the Action icon next to the Host and then click Details to open a Security Framework Node Report which provides information of the node status. Close the report window and proceed with the configuration.
    • An Enrolling pop-up shows the enrolling status. Close the Enrolling window when done, and click Next
  8. A CS Enrollment page opens where you enroll services into the Security Framework.
    • Select all the services that need to be enrolled. By default all servers need to be enrolled. Choose Enroll from the Choose drop-down list. Alternatively, you can select Enroll from the Action option to enroll one or more services at a time. You can also Unenroll and Validate the services from the Action option.
    • An Enrolling pop-up shows the enrolling status. Close the Enrolling window when done, and click Next.
  9. A Services page opens with a list of the installed services, along with their service credentials, startup type and current status.
    Any service shown in red indicates that it cannot run as LocalSystem, and requires different service credentials.
    1. Select Credentials under the Actions icon for that service, and supply a valid service Account and Password, and then click Test credentials and OK to continue.
      The Username must be in the form of domain\username and this account should have Administrator privileges on all machines on the network running Equitrac services.
    2. Once all the credentials have been provided, Start all the services, and click Next.
    The DBM Service requires ownership of the OM database. When the service is started, the Configuration Assistant tries to determine if the credentials used for the DBM Service has access to the DBM database and is a database owner. You may see a warning message if the DBM does not have database ownership rights or if the Configuration Assistant user does not have rights to verify the database credentials for the DBM. The DBM Service will start, but you may need to verify that permission has been granted within the SQL Server for this account.
  10. A Licensing page opens displaying the License Server location and Server ID.
    See Licensing ControlSuite for licensing details.
    1. If you want to change the License Server location, click the Edit icon beside the Server location field to open the Change License Server Location window.
      • Confirm the License Server location is correct. Optionally, you can change the default License Server location.
      • Click the Preview button to auto-create the License server ID. The License Server ID is used to manage your licenses on the Customer Portal. Any licensed features will populate the list.
        TLS 1.2 must be enabled on the License server to ensure a secure connection. If TLS 1.2 is disabled, a licensing error may display.
      • Click Apply.

        An Apply licenses window opens to initialize and update the product licenses. When successful, there is a green check-mark beside each item. Close the Apply licenses window when done

    2. Click the Copy icon on the right of the Server ID to copy this ID to the clipboard. The License Server ID is used to register the server and manage your licenses on the Customer Portal.
    3. Click the Open Kofax Customer Portal link to go to the Customer Portal. Alternatively, open a web browser and enter https://register.kofax.com/serialregistration to access the Customer Portal. See Licensing ControlSuite for licensing details.
    4. Once the licenses have been assigned to this License Server, click Refresh Licenses to update the license.
      • Select Update license online and click Apply to communicate with the License Server to synchronize the changes or updates to the licenses on Customer portal.
      • Select This License Server has no access to Internet to update the license file from the binary downloaded from the Customer Portal, then click Download License Request. Open the License File and click Apply.
    5. Click Next to continue.
  11. A System Administrators page opens displaying the configured administrators. Click Next to continue. You can click the Edit icon beside administrator if you want to modify its settings.
  12. A Launch Applications page opens where you can launch any of the installed ControlSuite applications directly from the Configuration Assistant. Alternatively, you can use the Start menu to navigate to the appropriate ControlSuite product.
  13. Click Close to exit the Configuration Assistant.